Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/AndrewPla/GreyNoisePS

PowerShell module to interact with the GreyNoise API
https://github.com/AndrewPla/GreyNoisePS

greynoise powershell

Last synced: about 6 hours ago
JSON representation

PowerShell module to interact with the GreyNoise API

Host: GitHub
URL: https://github.com/AndrewPla/GreyNoisePS
Owner: AndrewPla
License: mit
Created: 2021-03-26T16:46:28.000Z (over 3 years ago)
Default Branch: main
Last Pushed: 2022-10-14T20:57:03.000Z (about 2 years ago)
Last Synced: 2023-05-03T20:58:47.193Z (over 1 year ago)
Topics: greynoise, powershell
Language: PowerShell
Homepage:
Size: 13.7 KB
Stars: 6
Watchers: 2
Forks: 3
Open Issues: 1
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

awesome-ip-search-engines - GreyNoise PS

README

# GreyNoisePS
PowerShell module to interact with the GreyNoise API. This currently works with the both the paid and community API endpoints.

## Community API Command Usage

### The GNIpInfo command is the only one available for community level accounts

Return information about an IP address.

```
Get-GNIpInfo -Ip 8.8.8.8

ip : 8.8.8.8
noise : False
riot : True
classification : benign
name : Google Public DNS
link : https://viz.greynoise.io/riot/8.8.8.8
last_seen : 2021-03-26

```

Return information about your local TCP connections

```
Get-NetTCPConnection | Where-Object {
($_.RemoteAddress -notlike '0.0.0.0') -and
($_.RemoteAddress -notlike '127.*') -and
($_.RemoteAddress -notlike '*::*') } |
Sort-Object -Property RemoteAddress -Unique |
Get-GNIpInfo

ip : 140.82.113.25
noise : False
riot : True
classification : benign
name : Github
link : https://viz.greynoise.io/riot/140.82.113.25
last_seen : 2021-03-26
message : Success

ip : 162.159.130.234
noise : False
riot : True
classification : benign
name : Cloudflare CDN
link : https://viz.greynoise.io/riot/162.159.130.234
last_seen : 2021-03-26
message : Success

```

## Paid API Command Usage

### All commands are supported with a Paid API account

Confirm access to the GreyNoise API and API Key status

```
Get-GNPing -Key $key
```

Retrieve full Mass-Internet scanning Context data for multiple IPs

```
Get-GNMultiIpContext -Ips $ips -Key $key
```

Retrieve full Mass-Internet scanning Context data for a single IP

```
Get-GNIpContext -Key $key -Ip $ip -Key $key
```

Perform a GreyNoise Quick Lookup for multiple IPs

```
Get-GnIpQuickCheck -Ip $ip -Key $key
```

Perform a GreyNoise Quick Lookup for a single IP

```
Get-GNMultiIpQuickCheck -Ips $ips -Key $key
```

Perform a GreyNoise Common Business Service IP Lookup for a single IP

```
Get-GNRiotIpLookup -Ip $ip -key $key
```

Perform a GreyNoise Query

```
Get-GNQLQuery -GNQLQuery 'last_seen:today' -Key $key
```

Get Statistics for a GreyNoise Query

```
Get-GNQLStats -Key $key -GNQLQuery '(raw_data.scan.port:445 and raw_data.scan.protocol:TCP) metadata.os:Windows*'
```

Get GreyNoise Tag Details

```
Get-GNTagMetadata -key $key
```